From 2aa8be5f346643196ad012f022395b83ce9a394d Mon Sep 17 00:00:00 2001 From: Romoke Ajayi Date: Fri, 17 Mar 2023 13:49:21 +0000 Subject: [PATCH 1/7] fix: ensure yarn install works by assigning some value to SSH_AUTH_SOCK in env and also added API_PATH --- .env-jenkins-docker | 3 ++- Jenkinsfile | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.env-jenkins-docker b/.env-jenkins-docker index b14831a6f..b40ea30be 100644 --- a/.env-jenkins-docker +++ b/.env-jenkins-docker @@ -11,4 +11,5 @@ discovery.type=single-node RAILS_ENV=development NODE_ENV=development PP_HOST=localhost:3000 - +API_PATH=. +SSH_AUTH_SOCK=/ssh-agent diff --git a/Jenkinsfile b/Jenkinsfile index b35ae25cb..0476b0ad1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -134,7 +134,7 @@ pipeline { def buildProject() { sh 'echo "Building Project.............."' sh "cp .env-jenkins-docker .env" - sh "docker-compose -f ${COMPOSE_FILE} --project-name=${JOB_NAME} build" + sh "docker-compose -f ${COMPOSE_FILE} --project-name=${JOB_NAME} build web db redis sidekiq elasticsearch kibana webpacker" } def prepare() { From 4f0aadff3b3ec2e9fa116891db31c69c45fbdc23 Mon Sep 17 00:00:00 2001 From: pazolka Date: Tue, 21 Mar 2023 15:43:44 +0000 Subject: [PATCH 2/7] fix: use custom network --- docker-compose.yml | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 5eabf64f3..19b55e72e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,10 @@ services: - protectedplanet_import_data:/import_data - protectedplanet_bundler:/usr/local/bundle - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK} - network_mode: host + ports: + - "3000:3000" + networks: + - protectedplanet environment: - SSH_AUTH_SOCK=${SSH_AUTH_SOCK} env_file: @@ -25,7 +28,10 @@ services: db: container_name: protectedplanet-db image: kartoza/postgis:11.5-2.5 - network_mode: host + ports: + - "5432:5432" + networks: + - protectedplanet env_file: - '.env' volumes: @@ -34,7 +40,10 @@ services: redis: container_name: protectedplanet-redis image: redis - network_mode: host + ports: + - "6379:6379" + networks: + - protectedplanet env_file: - '.env' volumes: @@ -45,7 +54,8 @@ services: - .:/ProtectedPlanet - protectedplanet_node_modules:/ProtectedPlanet/node_modules - protectedplanet_import_data:/import_data - network_mode: host + networks: + - protectedplanet depends_on: - db - redis @@ -65,7 +75,10 @@ services: memlock: soft: -1 hard: -1 - network_mode: host + ports: + - "9200:9200" + networks: + - protectedplanet env_file: - '.env' volumes: @@ -73,10 +86,13 @@ services: kibana: image: docker.elastic.co/kibana/kibana:8.6.0 environment: - - ELASTICSEARCH_HOSTS=http://localhost:9200 + - ELASTICSEARCH_HOSTS=http://protectedplanet-elasticsearch:9200 env_file: - '.env' - network_mode: host + ports: + - "5601:5601" + networks: + - protectedplanet webpacker: container_name: protectedplanet-webpacker @@ -88,7 +104,10 @@ services: - .:/ProtectedPlanet - protectedplanet_node_modules:/ProtectedPlanet/node_modules - protectedplanet_bundler:/usr/local/bundle - network_mode: host + ports: + - "3035:3035" + networks: + - protectedplanet api: container_name: protectedplanet-api @@ -98,7 +117,10 @@ services: volumes: - ${API_PATH}:/ProtectedPlanetApi - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK} - network_mode: host + ports: + - "9292:9292" + networks: + - protectedplanet environment: - SSH_AUTH_SOCK=${SSH_AUTH_SOCK} env_file: @@ -109,6 +131,9 @@ services: tty: true profiles: ['api'] +networks: + protectedplanet: + driver: bridge volumes: protectedplanet_pg_data: From 961effcc640c91a1032e9ea250a5778f1c77767f Mon Sep 17 00:00:00 2001 From: pazolka Date: Tue, 21 Mar 2023 16:29:17 +0000 Subject: [PATCH 3/7] fix: simplify ssh agent mapping --- docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 19b55e72e..a93892b95 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,13 +9,13 @@ services: - protectedplanet_node_modules:/ProtectedPlanet/node_modules - protectedplanet_import_data:/import_data - protectedplanet_bundler:/usr/local/bundle - - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK} + - ${SSH_AUTH_SOCK}:/ssh-agent ports: - "3000:3000" networks: - protectedplanet environment: - - SSH_AUTH_SOCK=${SSH_AUTH_SOCK} + - SSH_AUTH_SOCK=/ssh-agent env_file: - '.env' depends_on: @@ -116,13 +116,13 @@ services: command: /bin/bash -l -c "bundle exec rackup" volumes: - ${API_PATH}:/ProtectedPlanetApi - - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK} + - ${SSH_AUTH_SOCK}:/ssh-agent ports: - "9292:9292" networks: - protectedplanet environment: - - SSH_AUTH_SOCK=${SSH_AUTH_SOCK} + - SSH_AUTH_SOCK=/ssh-agent env_file: - ${API_PATH}/.env depends_on: From aec64b46b7081d41fe922613395e14e232199726 Mon Sep 17 00:00:00 2001 From: Yue-Long Date: Tue, 21 Mar 2023 17:08:46 +0000 Subject: [PATCH 4/7] chore: update docker instructions for ssh-agent settings for mac users chore: update docker instructions for ssh-agent settings for mac users --- docker-compose.yml | 2 ++ docs/docker.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index a93892b95..a6ec0506a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,7 @@ services: - protectedplanet_node_modules:/ProtectedPlanet/node_modules - protectedplanet_import_data:/import_data - protectedplanet_bundler:/usr/local/bundle + # - /run/host-services/ssh-auth.sock:/ssh-agent # Use this setting for Mac OS X and comment out ${SSH_AUTH_SOCK}:/ssh-agent below - ${SSH_AUTH_SOCK}:/ssh-agent ports: - "3000:3000" @@ -116,6 +117,7 @@ services: command: /bin/bash -l -c "bundle exec rackup" volumes: - ${API_PATH}:/ProtectedPlanetApi + # - /run/host-services/ssh-auth.sock:/ssh-agent # Use this setting for Mac OS X and comment out ${SSH_AUTH_SOCK}:/ssh-agent below - ${SSH_AUTH_SOCK}:/ssh-agent ports: - "9292:9292" diff --git a/docs/docker.md b/docs/docker.md index 283559c6d..beec2cd42 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -113,6 +113,8 @@ sudo docker exec -it protectedplanet-api cap staging deploy ### Troubleshooting: - `SSH_AUTH_SOCK` not found: make sure `echo ${SSH_AUTH_SOCK}` returns a path to your ssh agent +- For Mac OS X Please make sure you use `/run/host-services/ssh-auth.sock:/ssh-agent` for ssh agent path in docker-compose.yml file + - if yarn integrity problems appear: temporary fix `docker run web yarn install` - if CMS seeds downloading fails, remove `db/cms_seeds` and retry From 5762da9ad1971bf21ccc26853b4ae554752e594a Mon Sep 17 00:00:00 2001 From: pazolka Date: Wed, 22 Mar 2023 10:17:51 +0000 Subject: [PATCH 5/7] fix: update .env --- .env-jenkins-docker | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.env-jenkins-docker b/.env-jenkins-docker index b14831a6f..82cd2872c 100644 --- a/.env-jenkins-docker +++ b/.env-jenkins-docker @@ -1,11 +1,11 @@ POSTGRES_USER=postgres POSTGRES_PASSWORD=postgres -POSTGRES_HOST=localhost +POSTGRES_HOST=protectedplanet-db POSTGRES_DBNAME=pp_development POSTGRES_MULTIPLE_EXTENSIONS=postgis,hstore,postgis_topology -REDIS_URL=redis://localhost:6379/0 -ELASTIC_SEARCH_URL=http://elastic:elastic@localhost:9200 -WEBPACKER_DEV_SERVER_HOST=localhost +REDIS_URL=redis://protectedplanet-redis:6379/0 +ELASTIC_SEARCH_URL=http://elastic:elastic@protectedplanet-elasticsearch:9200 +WEBPACKER_DEV_SERVER_HOST=protectedplanet-webpacker xpack.security.enabled=false discovery.type=single-node RAILS_ENV=development From dee3702ce786d412d9a2898f4a2245e6b7c04758 Mon Sep 17 00:00:00 2001 From: sergiomarrocoli Date: Thu, 23 Mar 2023 11:20:30 +0000 Subject: [PATCH 6/7] feat: add host to api service in docker-compose.yml --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index a6ec0506a..2c46c5701 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -114,7 +114,7 @@ services: container_name: protectedplanet-api build: context: ${API_PATH} - command: /bin/bash -l -c "bundle exec rackup" + command: /bin/bash -l -c "bundle exec rackup --host 0.0.0.0" volumes: - ${API_PATH}:/ProtectedPlanetApi # - /run/host-services/ssh-auth.sock:/ssh-agent # Use this setting for Mac OS X and comment out ${SSH_AUTH_SOCK}:/ssh-agent below From 9f128179819292d6691d3cf02ce2873bea48f320 Mon Sep 17 00:00:00 2001 From: sergiomarrocoli Date: Thu, 23 Mar 2023 12:18:48 +0000 Subject: [PATCH 7/7] chore: update docker documentation to include setting PP-API .env variables --- docs/docker.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/docker.md b/docs/docker.md index beec2cd42..6a9c4c032 100644 --- a/docs/docker.md +++ b/docs/docker.md @@ -82,7 +82,13 @@ docker exec -it protectedplanet-web rake search:reindex ## Step 5: API setup (optional) The [Protected Planet API](https://github.com/unepwcmc/protectedplanet-api) is a separate Sinatra/Grape application that uses the same database and is included as a service in the docker-compose.yml. -To use this service, you need to add the path to your local protectedplanet-api directory in your .env file under the `API_PATH` key. +To use this service, you need to: +- add the path to your local protectedplanet-api directory in your .env file under the `API_PATH` key. +- set the environment variables in the pp-api .env to match the PP docker configuration, e.g: +``` +POSTGRES_HOST=protectedplanet-db +POSTGRES_PASSWORD=postgres +``` The api service has an 'api' profile and so does not start automatically with `docker compose up`. You can either run it alongside all of the standard ProtectedPlanet services with: ```